SSH Tunnels for Remote Pairing

Yesterday was a good day. @pvh and I paired for a few hours, even though we’re at opposite coasts.

Here’s what you need:

  • A server somewhere that both pairs have access to. We used an EC2 instance. We’ll use it to meet up and create the tunnel.
  • SSH client libs - your should already have this unless you’re on windows in which case you probably want PuTTY.
  • Skype for audio.

As you know, The Internet is made of nodes connected by Tubes. Unfortunately, there is no tube from your machine to your pair’s machine. What we’ll do here is use a third node that has tubes to both of your machines to relay traffic through, in essence creating an Internet Tube from your machine to your pair’s. This kind of Internet Tube is called a Tunnel. Since we’re using SSH to do the traffic encryption and forwarding, it’s an SSH Tunnel. Yes, that’s somewhat made up, but sounds legit!

As it turns out, setting up a tunnel is fairly simple. For example, let’s set up a tunnel between you and Jane using a remote server saturn.

  1. You: Open up a shell and forward traffic to your local port 9999 over to Saturn’s port 1235:
1
ssh -L 9999:locahost:1235 saturn_user@saturn
  1. Jane: Open up a shell and forward traffic from saturn’s port 1235 to her port 22
1
ssh -R 1235:localhost:22 saturn_user@saturn
  1. You: Open up another shell, and ssh into your local port 9999 specifying a username on Jane’s machine.
1
ssh jane_user@jane -p 9999

And you’re good to go. Create a shared screen session, open up $EDITOR, use skype, google hangouts, face time or whatever for audio and start ping ponging.

The latency was surprisingly minimal. We left this tunnel open most of the day. It sat idle for periods of time and the connection was left active. All in all, a great setup.

If this is something you’ll do often, you might as well add a more permanent configuration to ~/.ssh/config. For example, you might add:

~/.ssh/config on your machine
1
2
3
4
5
6
7
8
9
Host tunnel_to_jane
Hostname saturn
LocalForward 9999:localhost:1235
User saturn_user
Host jane
Hostname jane
User jane_user
Port 9999

Then you’d do, on one terminal, ssh tunnel_to_jane, and on the other ssh jane.

And Jane might add:

~/.ssh/config on Jane’s machine
1
2
3
4
Host tunnel_from_you
Hostname saturn
RemoteForward 1235:localhost:22
User saturn_user

And she’d just do, ssh tunnel_from_you

This can be used not ony for remote pairing, but rather to forward any traffic on a port, over an SSH encrypted channel, to a remote host. For more see ssh_config(5) and ssh(1), and happy pairing!